Packages changed: Mesa (25.1.5 -> 25.1.6) Mesa-drivers (25.1.5 -> 25.1.6) apache2 (2.4.63 -> 2.4.64) apache2-manual (2.4.63 -> 2.4.64) apache2-prefork (2.4.63 -> 2.4.64) apache2-utils (2.4.63 -> 2.4.64) apparmor busybox busybox-links ceph curl (8.14.1 -> 8.15.0) fuse fuse3 (3.17.2 -> 3.17.3) gdk-pixbuf gpgme (1.24.3 -> 2.0.0) grub2 gupnp kernel-source (6.15.6 -> 6.15.7) libapparmor libbpf (1.5.1 -> 1.6.1) libcddb libopenmpt (0.8.1 -> 0.8.2) libreoffice (25.2.4.3 -> 25.2.5.2) libstorage-ng (4.5.263 -> 4.5.264) libxml2 libxslt libyui (4.7.5 -> 4.7.6) libyui-ncurses (4.7.5 -> 4.7.6) libyui-ncurses-pkg (4.7.5 -> 4.7.6) libyui-qt (4.7.5 -> 4.7.6) libyui-qt-graph (4.7.5 -> 4.7.6) libyui-qt-pkg (4.7.5 -> 4.7.6) libyuv libzypp (17.37.11 -> 17.37.12) ncurses (6.5.20250712 -> 6.5.20250720) open-iscsi openSUSE-release (20250718 -> 20250722) orca pciutils (3.13.0 -> 3.14.0) perl-libwww-perl (6.780.0 -> 6.790.0) python-Automat (24.8.1 -> 25.4.16) python-anyio (4.8.0 -> 4.9.0) python-kiwi (10.2.27 -> 10.2.28) python-typing_extensions (4.14.0 -> 4.14.1) python311 python311-core python313 python313-core qgpgme (1.24.3 -> 2.0.0) sdbootutil (1+git20250716.b03c12f -> 1+git20250718.9f557f7) sqlite3 (3.50.2 -> 3.50.3) sshfs tbb (2022.1.0 -> 2022.2.0) update-bootloader (1.24 -> 1.25) vulkan-loader (1.4.313 -> 1.4.321) vulkan-tools (1.4.313 -> 1.4.321) xkeyboard-config yast2 (5.0.14 -> 5.0.15) yast2-packager (5.0.6 -> 5.0.8) yast2-trans (84.87.20250710.2e450abe00 -> 84.87.20250721.46ecd273d2) zypper (1.14.92 -> 1.14.93) === Details === ==== Mesa ==== Version update (25.1.5 -> 25.1.6) Subpackages: Mesa-libEGL1 Mesa-libGL1 libgbm1 - Customise drivers for loongarch64 - Update to release 25.1.6 - -> https://docs.mesa3d.org/relnotes/25.1.6 ==== Mesa-drivers ==== Version update (25.1.5 -> 25.1.6) Subpackages: Mesa-dri Mesa-gallium Mesa-libva Mesa-vulkan-device-select libvulkan_lvp libxatracker2 - Customise drivers for loongarch64 - Update to release 25.1.6 - -> https://docs.mesa3d.org/relnotes/25.1.6 ==== apache2 ==== Version update (2.4.63 -> 2.4.64) * Refresh patches: - apache-test-application-xml-type.patch - apache-test-turn-off-variables-in-ssl-var-lookup.patch - apache2-HttpContentLengthHeadZero-HttpExpectStrict.patch - apache2-LimitRequestFieldSize-limits-headers.patch * Update to 2.4.64. * CVE-2025-53020: Apache HTTP Server: HTTP/2 DoS by Memory Increase * CVE-2025-49812: Apache HTTP Server: mod_ssl TLS upgrade attack * CVE-2025-49630: Apache HTTP Server: mod_proxy_http2 denial of service * CVE-2025-23048: Apache HTTP Server: mod_ssl access control bypass with session resumption * CVE-2024-47252: Apache HTTP Server: mod_ssl error log variable escaping * CVE-2024-43394: Apache HTTP Server: SSRF on Windows due to UNC paths * CVE-2024-43204: Apache HTTP Server: SSRF with mod_headers setting Content-Type header * CVE-2024-42516: Apache HTTP Server: HTTP response splitting * mod_proxy_ajp: Use iobuffersize set on worker level for the IO buffer size. * mod_ssl: Drop $SSLKEYLOGFILE handling internally for OpenSSL 3.5 builds which enable it in libssl natively. * mod_asis: Fix the log level of the message AH01236. * mod_session_dbd: ensure format used with SessionDBDCookieName and SessionDBDCookieName2 are correct. * mod_headers: 'RequestHeader set|edit|edit_r Content-Type X' could inadvertently modify the Content-Type _response_ header. Applies to Content-Type only and likely to only affect static file responses. * mod_ssl: Remove warning over potential uninitialised value for ssl protocol prior to protocol selection. * mod_proxy: Reuse ProxyRemote connections when possible, like prior to 2.4.59. * mod_systemd: Add systemd socket activation support. * mod_systemd: Log the SELinux context at startup if available and enabled. * mod_http2: update to version 2.0.32 The code setting the connection window size was set wrong, preventing `H2WindowSize` to work. * mod_http2: update to version 2.0.30 - Fixed bug in handling over long response headers. When the 64 KB limit of nghttp2 was exceeded, the request was not reset and the client was left hanging, waiting for it. Now the stream is reset. - Added new directive `H2MaxHeaderBlockLen` to set the limit on response header sizes. - Fixed handling of Timeout vs. KeepAliveTimeout when first request on a connection was reset. * mod_lua: Fix memory handling in LuaOutputFilter. * mod_proxy_http2: revert r1912193 for detecting broken backend connections as this interferes with backend selection who a node is unresponsive. * mod_proxy_balancer: Fix a regression that caused stickysession keys no longer be recognized if they are provided as query parameter in the URL. * mod_md: update to version 2.5.2 - Fixed TLS-ALPN-01 challenges when multiple `MDPrivateKeys` are specified with EC keys before RSA ones. - Fixed missing newlines in the status page output. * mod_dav: Add API to expose DavBasePath setting. * mod_md: update to version 2.5.1 - Added support for ACME profiles with new directives MDProfile and MDProfileMandatory. - When installing a custom CA file via `MDCACertificateFile`, also set the libcurl option CURLSSLOPT_NO_REVOKE that suppresses complains by Schannel (when curl is linked with it) about missing CRL/OCSP in certificates. - Fixed handling of corrupted httpd.json and added test 300_30 for it. File is removed on error and written again. Fixes #369. - Added explanation in log for how to proceed when md_store.json could not be parsed and prevented the server start. - restored fixed to #336 and #337 which got lost in a sync with Apache svn - Add Issue Name/Uris to certificate information in md-status handler - MDomains with static certificate files have MDRenewMode "manual", unless "always" is configured. * core: Report invalid Options= argument when parsing AllowOverride directives. * scoreboard/mod_http2: record durations of HTTP/2 requests. ==== apache2-manual ==== Version update (2.4.63 -> 2.4.64) * Refresh patches: - apache-test-application-xml-type.patch - apache-test-turn-off-variables-in-ssl-var-lookup.patch - apache2-HttpContentLengthHeadZero-HttpExpectStrict.patch - apache2-LimitRequestFieldSize-limits-headers.patch * Update to 2.4.64. * CVE-2025-53020: Apache HTTP Server: HTTP/2 DoS by Memory Increase * CVE-2025-49812: Apache HTTP Server: mod_ssl TLS upgrade attack * CVE-2025-49630: Apache HTTP Server: mod_proxy_http2 denial of service * CVE-2025-23048: Apache HTTP Server: mod_ssl access control bypass with session resumption * CVE-2024-47252: Apache HTTP Server: mod_ssl error log variable escaping * CVE-2024-43394: Apache HTTP Server: SSRF on Windows due to UNC paths * CVE-2024-43204: Apache HTTP Server: SSRF with mod_headers setting Content-Type header * CVE-2024-42516: Apache HTTP Server: HTTP response splitting * mod_proxy_ajp: Use iobuffersize set on worker level for the IO buffer size. * mod_ssl: Drop $SSLKEYLOGFILE handling internally for OpenSSL 3.5 builds which enable it in libssl natively. * mod_asis: Fix the log level of the message AH01236. * mod_session_dbd: ensure format used with SessionDBDCookieName and SessionDBDCookieName2 are correct. * mod_headers: 'RequestHeader set|edit|edit_r Content-Type X' could inadvertently modify the Content-Type _response_ header. Applies to Content-Type only and likely to only affect static file responses. * mod_ssl: Remove warning over potential uninitialised value for ssl protocol prior to protocol selection. * mod_proxy: Reuse ProxyRemote connections when possible, like prior to 2.4.59. * mod_systemd: Add systemd socket activation support. * mod_systemd: Log the SELinux context at startup if available and enabled. * mod_http2: update to version 2.0.32 The code setting the connection window size was set wrong, preventing `H2WindowSize` to work. * mod_http2: update to version 2.0.30 - Fixed bug in handling over long response headers. When the 64 KB limit of nghttp2 was exceeded, the request was not reset and the client was left hanging, waiting for it. Now the stream is reset. - Added new directive `H2MaxHeaderBlockLen` to set the limit on response header sizes. - Fixed handling of Timeout vs. KeepAliveTimeout when first request on a connection was reset. * mod_lua: Fix memory handling in LuaOutputFilter. * mod_proxy_http2: revert r1912193 for detecting broken backend connections as this interferes with backend selection who a node is unresponsive. * mod_proxy_balancer: Fix a regression that caused stickysession keys no longer be recognized if they are provided as query parameter in the URL. * mod_md: update to version 2.5.2 - Fixed TLS-ALPN-01 challenges when multiple `MDPrivateKeys` are specified with EC keys before RSA ones. - Fixed missing newlines in the status page output. * mod_dav: Add API to expose DavBasePath setting. * mod_md: update to version 2.5.1 - Added support for ACME profiles with new directives MDProfile and MDProfileMandatory. - When installing a custom CA file via `MDCACertificateFile`, also set the libcurl option CURLSSLOPT_NO_REVOKE that suppresses complains by Schannel (when curl is linked with it) about missing CRL/OCSP in certificates. - Fixed handling of corrupted httpd.json and added test 300_30 for it. File is removed on error and written again. Fixes #369. - Added explanation in log for how to proceed when md_store.json could not be parsed and prevented the server start. - restored fixed to #336 and #337 which got lost in a sync with Apache svn - Add Issue Name/Uris to certificate information in md-status handler - MDomains with static certificate files have MDRenewMode "manual", unless "always" is configured. * core: Report invalid Options= argument when parsing AllowOverride directives. * scoreboard/mod_http2: record durations of HTTP/2 requests. ==== apache2-prefork ==== Version update (2.4.63 -> 2.4.64) * Refresh patches: - apache-test-application-xml-type.patch - apache-test-turn-off-variables-in-ssl-var-lookup.patch - apache2-HttpContentLengthHeadZero-HttpExpectStrict.patch - apache2-LimitRequestFieldSize-limits-headers.patch * Update to 2.4.64. * CVE-2025-53020: Apache HTTP Server: HTTP/2 DoS by Memory Increase * CVE-2025-49812: Apache HTTP Server: mod_ssl TLS upgrade attack * CVE-2025-49630: Apache HTTP Server: mod_proxy_http2 denial of service * CVE-2025-23048: Apache HTTP Server: mod_ssl access control bypass with session resumption * CVE-2024-47252: Apache HTTP Server: mod_ssl error log variable escaping * CVE-2024-43394: Apache HTTP Server: SSRF on Windows due to UNC paths * CVE-2024-43204: Apache HTTP Server: SSRF with mod_headers setting Content-Type header * CVE-2024-42516: Apache HTTP Server: HTTP response splitting * mod_proxy_ajp: Use iobuffersize set on worker level for the IO buffer size. * mod_ssl: Drop $SSLKEYLOGFILE handling internally for OpenSSL 3.5 builds which enable it in libssl natively. * mod_asis: Fix the log level of the message AH01236. * mod_session_dbd: ensure format used with SessionDBDCookieName and SessionDBDCookieName2 are correct. * mod_headers: 'RequestHeader set|edit|edit_r Content-Type X' could inadvertently modify the Content-Type _response_ header. Applies to Content-Type only and likely to only affect static file responses. * mod_ssl: Remove warning over potential uninitialised value for ssl protocol prior to protocol selection. * mod_proxy: Reuse ProxyRemote connections when possible, like prior to 2.4.59. * mod_systemd: Add systemd socket activation support. * mod_systemd: Log the SELinux context at startup if available and enabled. * mod_http2: update to version 2.0.32 The code setting the connection window size was set wrong, preventing `H2WindowSize` to work. * mod_http2: update to version 2.0.30 - Fixed bug in handling over long response headers. When the 64 KB limit of nghttp2 was exceeded, the request was not reset and the client was left hanging, waiting for it. Now the stream is reset. - Added new directive `H2MaxHeaderBlockLen` to set the limit on response header sizes. - Fixed handling of Timeout vs. KeepAliveTimeout when first request on a connection was reset. * mod_lua: Fix memory handling in LuaOutputFilter. * mod_proxy_http2: revert r1912193 for detecting broken backend connections as this interferes with backend selection who a node is unresponsive. * mod_proxy_balancer: Fix a regression that caused stickysession keys no longer be recognized if they are provided as query parameter in the URL. * mod_md: update to version 2.5.2 - Fixed TLS-ALPN-01 challenges when multiple `MDPrivateKeys` are specified with EC keys before RSA ones. - Fixed missing newlines in the status page output. * mod_dav: Add API to expose DavBasePath setting. * mod_md: update to version 2.5.1 - Added support for ACME profiles with new directives MDProfile and MDProfileMandatory. - When installing a custom CA file via `MDCACertificateFile`, also set the libcurl option CURLSSLOPT_NO_REVOKE that suppresses complains by Schannel (when curl is linked with it) about missing CRL/OCSP in certificates. - Fixed handling of corrupted httpd.json and added test 300_30 for it. File is removed on error and written again. Fixes #369. - Added explanation in log for how to proceed when md_store.json could not be parsed and prevented the server start. - restored fixed to #336 and #337 which got lost in a sync with Apache svn - Add Issue Name/Uris to certificate information in md-status handler - MDomains with static certificate files have MDRenewMode "manual", unless "always" is configured. * core: Report invalid Options= argument when parsing AllowOverride directives. * scoreboard/mod_http2: record durations of HTTP/2 requests. ==== apache2-utils ==== Version update (2.4.63 -> 2.4.64) * Refresh patches: - apache-test-application-xml-type.patch - apache-test-turn-off-variables-in-ssl-var-lookup.patch - apache2-HttpContentLengthHeadZero-HttpExpectStrict.patch - apache2-LimitRequestFieldSize-limits-headers.patch * Update to 2.4.64. * CVE-2025-53020: Apache HTTP Server: HTTP/2 DoS by Memory Increase * CVE-2025-49812: Apache HTTP Server: mod_ssl TLS upgrade attack * CVE-2025-49630: Apache HTTP Server: mod_proxy_http2 denial of service * CVE-2025-23048: Apache HTTP Server: mod_ssl access control bypass with session resumption * CVE-2024-47252: Apache HTTP Server: mod_ssl error log variable escaping * CVE-2024-43394: Apache HTTP Server: SSRF on Windows due to UNC paths * CVE-2024-43204: Apache HTTP Server: SSRF with mod_headers setting Content-Type header * CVE-2024-42516: Apache HTTP Server: HTTP response splitting * mod_proxy_ajp: Use iobuffersize set on worker level for the IO buffer size. * mod_ssl: Drop $SSLKEYLOGFILE handling internally for OpenSSL 3.5 builds which enable it in libssl natively. * mod_asis: Fix the log level of the message AH01236. * mod_session_dbd: ensure format used with SessionDBDCookieName and SessionDBDCookieName2 are correct. * mod_headers: 'RequestHeader set|edit|edit_r Content-Type X' could inadvertently modify the Content-Type _response_ header. Applies to Content-Type only and likely to only affect static file responses. * mod_ssl: Remove warning over potential uninitialised value for ssl protocol prior to protocol selection. * mod_proxy: Reuse ProxyRemote connections when possible, like prior to 2.4.59. * mod_systemd: Add systemd socket activation support. * mod_systemd: Log the SELinux context at startup if available and enabled. * mod_http2: update to version 2.0.32 The code setting the connection window size was set wrong, preventing `H2WindowSize` to work. * mod_http2: update to version 2.0.30 - Fixed bug in handling over long response headers. When the 64 KB limit of nghttp2 was exceeded, the request was not reset and the client was left hanging, waiting for it. Now the stream is reset. - Added new directive `H2MaxHeaderBlockLen` to set the limit on response header sizes. - Fixed handling of Timeout vs. KeepAliveTimeout when first request on a connection was reset. * mod_lua: Fix memory handling in LuaOutputFilter. * mod_proxy_http2: revert r1912193 for detecting broken backend connections as this interferes with backend selection who a node is unresponsive. * mod_proxy_balancer: Fix a regression that caused stickysession keys no longer be recognized if they are provided as query parameter in the URL. * mod_md: update to version 2.5.2 - Fixed TLS-ALPN-01 challenges when multiple `MDPrivateKeys` are specified with EC keys before RSA ones. - Fixed missing newlines in the status page output. * mod_dav: Add API to expose DavBasePath setting. * mod_md: update to version 2.5.1 - Added support for ACME profiles with new directives MDProfile and MDProfileMandatory. - When installing a custom CA file via `MDCACertificateFile`, also set the libcurl option CURLSSLOPT_NO_REVOKE that suppresses complains by Schannel (when curl is linked with it) about missing CRL/OCSP in certificates. - Fixed handling of corrupted httpd.json and added test 300_30 for it. File is removed on error and written again. Fixes #369. - Added explanation in log for how to proceed when md_store.json could not be parsed and prevented the server start. - restored fixed to #336 and #337 which got lost in a sync with Apache svn - Add Issue Name/Uris to certificate information in md-status handler - MDomains with static certificate files have MDRenewMode "manual", unless "always" is configured. * core: Report invalid Options= argument when parsing AllowOverride directives. * scoreboard/mod_http2: record durations of HTTP/2 requests. ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang python3-apparmor - add xkeyboard.diff to allow reading /usr/share/xkeyboard-config-2/ via abstractions/X (boo#1246743) - add kerberosclient-usrmerge.diff to allow reading /usr/etc/krb5.conf (boo#1246689) ==== busybox ==== Subpackages: busybox-static - add placeholder variable and ignore applet logic to busybox.install - enable halt, poweroff, reboot commands (bsc#1243201) ==== busybox-links ==== Subpackages: busybox-coreutils busybox-diffutils busybox-ed busybox-gawk busybox-grep busybox-gzip busybox-procps busybox-psmisc busybox-sed busybox-sendmail busybox-which busybox-xz - add filtering of ignored applets to busybox.install ==== ceph ==== Subpackages: librados2 librbd1 - Drop cryptopp as potential dependency [jsc#PED-13011] and use gnutls as upstream seastar. * Remove cryptopp and use gnutls instead. * Add ceph-replace-CryptoPP-calls-with-GnuTLS.patch ==== curl ==== Version update (8.14.1 -> 8.15.0) Subpackages: libcurl4 - Update to 8.15.0: * Changes: - TLS: remove support for Secure Transport and BearSSL * Bugfixes: - cf-socket: make socket data_pending a nop - configure: order LDAP after the SSL libraries - curl: improve non-blocking STDIN performance - curl_get_line: make sure lines end with newline - curl_path: make SFTP handle a path like /~ properly. - curlinfo: provide the 'digest' feature - digest: fix build with disabled digest auth - docs: note SSLS-EXPORT feature in -ssl-sessions doc - docs: reflect that delimiter-separated capath is only OpenSSL - docs: sync -tls-earlydata support w/ CURLOPT_SSL_OPTIONS - http/3: report handshake with version and cipher as for TCP connections - http2: do not delay RST send on aborted transfer - http_ntlm: protect against null deref - ldap: initial support for --with-ldap option - lib: address singleuse issues - lib: avoid reusing unclean connection - lib: drop two interim macros in favor of native libcurl API calls - lib: stop 'time()' debug overrides at the end of source in altsvc, hsts - lib: unify recv/send function signatures - memdebug.h: #undef 'fclose' before defining it - openssl: enable readahead - openssl: error on SSL_ERROR_SYSCALL - openssl: fix handling of buffered data - openssl: fix openssl engine use - openssl: fix pkcs11 provider available check - quic: implement CURLINFO_TLS_SSL_PTR - schannel: allow partial chains for manual peer verification - SCP/SFTP: avoid busy loop after EAGAIN - socks: fix query when filter context is null - tls: remove Curl_ssl false_start - tool_getparam: fix --ftp-pasv - tool_operate: fix return code when --retry is used but not triggered - top-complexity: lower max allowed complexity threshold to 90 - url: fix NULL deref with bad password when no user is provided - urlapi: use uppercase hex encoding - vtls: change send/recv signatures of tls backends - vtls: prefer ciphersuite to cipher in msgs - vtls: prefer rustls-ffi ciphersuite name API - xfer: manage pause bits * Remove patches upstream: - curl-fix--ftp-pasv.patch - fix-return-code-with-retry.patch ==== fuse ==== Subpackages: libfuse2 - Workaround gettext 0.25 behavioral changes and call autopoint as needed [boo#1246701] ==== fuse3 ==== Version update (3.17.2 -> 3.17.3) Subpackages: libfuse3-4 - Update to release 3.17.3 * Avoid possible double unmount on FUSE_DESTROY ==== gdk-pixbuf ==== Subpackages: gdk-pixbuf-lang gdk-pixbuf-query-loaders gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0 - Add gdk-pixbuf-fix-decoder-written-bytes-reporting.patch: Fix memory leak caused by wrong written bytes reported by decoder (bsc#1245227). ==== gpgme ==== Version update (1.24.3 -> 2.0.0) - Update to 2.0.0: * The C++ bindings, the Qt bindings, and the Python bindings were split off of gpgme * New function gpgme_op_random_bytes to get cryptographically strong random bytes from gpg * New function gpgme_op_random_value to get a cryptographically strong unsigned integer random value * New decrypt flag to skip the actual decryption so that information about the recipients can be retrieved. * New flag for key generate to mark a (sub)key as group owned * If the key passed to gpgme_signers_add was retrieved with an exact pattern (fingerprint with '!' suffix), the requested subkey is used for signing. This reflects the behaviour of gpg but is a minor semantic change * The timestamp and expires fields in gpgme_subkey_t, gpgme_key_sig, and gpgme_new_signature_t are changed from signed long to unsigned long to better cope with 32bit time_t implementations. These fields should in reality never see an error value (-1). * Removed the gpgme_attr_t enums and their functions which were deprecated since 2003D. [rMd54d6eaa64] * Removed the never implemented or announced GPGME_EXPORT_MODE_NOUID flags * Removed the entire trustlist feature which worked anyway only for a short period in 2003 - drop requirements from devel that are autogenerated - drop gpgme-suse-nobetasuffix.patch - drop gpgme-fix-python-install.patch ==== grub2 ==== Subpackages: grub2-common grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-efi-bls - Fix test -f and -s do not work properly over the network files served via tftp and http (bsc#1246157) (bsc#1246237) * 0001-test-Fix-f-test-on-files-over-network.patch * 0002-http-Return-HTTP-status-code-in-http_establish.patch * 0003-docs-Clarify-test-for-files-on-TFTP-and-HTTP.patch * 0004-tftp-Fix-hang-when-file-is-a-directory.patch ==== gupnp ==== - Disable test on loongarch. The test cannot be completed on loongarch64 due to architectural limitations. ==== kernel-source ==== Version update (6.15.6 -> 6.15.7) - fs/proc: Use inode_get_dev() for device numbers in procmap_query (bsc#1246332). - commit 3e63d43 - Linux 6.15.7 (bsc#1012628). - eventpoll: don't decrement ep refcount while still holding the ep mutex (bsc#1012628). - drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (bsc#1012628). - ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (bsc#1012628). - ASoC: Intel: SND_SOC_INTEL_SOF_BOARD_HELPERS select SND_SOC_ACPI_INTEL_MATCH (bsc#1012628). - ASoC: soc-acpi: add get_function_tplg_files ops (bsc#1012628). - ASoC: Intel: add sof_sdw_get_tplg_files ops (bsc#1012628). - ASoC: Intel: soc-acpi-intel-arl-match: set get_function_tplg_files ops (bsc#1012628). - ASoC: Intel: soc-acpi: arl: Correct order of cs42l43 matches (bsc#1012628). - perf/core: Fix the WARN_ON_ONCE is out of lock protected region (bsc#1012628). - EDAC: Initialize EDAC features sysfs attributes (bsc#1012628). - irqchip/irq-msi-lib: Select CONFIG_GENERIC_MSI_IRQ (bsc#1012628). - sched/core: Fix migrate_swap() vs. hotplug (bsc#1012628). - objtool: Add missing endian conversion to read_annotate() (bsc#1012628). - perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1012628). - ASoC: cs35l56: probe() should fail if the device ID is not recognized (bsc#1012628). - Bluetooth: hci_sync: Fix not disabling advertising instance (bsc#1012628). - Bluetooth: hci_core: Remove check of BDADDR_ANY in hci_conn_hash_lookup_big_state (bsc#1012628). - Bluetooth: hci_sync: Fix attempting to send HCI_Disconnect to BIS handle (bsc#1012628). - Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (bsc#1012628). - pinctrl: amd: Clear GPIO debounce for suspend (bsc#1012628). - fix proc_sys_compare() handling of in-lookup dentries (bsc#1012628). - sched/deadline: Fix dl_server runtime calculation formula (bsc#1012628). - bnxt_en: eliminate the compile warning in bnxt_request_irq due to CONFIG_RFS_ACCEL (bsc#1012628). - arm64: poe: Handle spurious Overlay faults (bsc#1012628). - arm64/mm: Drop wrong writes into TCR2_EL1 (bsc#1012628). - net: phy: qcom: move the WoL function to shared library (bsc#1012628). - net: phy: qcom: qca808x: Fix WoL issue by utilizing at8031_set_wol() (bsc#1012628). - netlink: Fix wraparounds of sk->sk_rmem_alloc (bsc#1012628). - vsock: fix `vsock_proto` declaration (bsc#1012628). - tipc: Fix use-after-free in tipc_conn_close() (bsc#1012628). - tcp: Correct signedness in skb remaining space calculation (bsc#1012628). - vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1012628). - vsock: Fix transport_* TOCTOU (bsc#1012628). - vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (bsc#1012628). - net: airoha: Fix an error handling path in airoha_probe() (bsc#1012628). - module: Fix memory deallocation on error path in move_module() (bsc#1012628). - net: stmmac: Fix interrupt handling for level-triggered mode in DWC_XGMAC2 (bsc#1012628). - net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (bsc#1012628). - net: phy: smsc: Force predictable MDI-X state on LAN87xx (bsc#1012628). - net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (bsc#1012628). - atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1012628). - atm: clip: Fix memory leak of struct clip_vcc (bsc#1012628). - atm: clip: Fix infinite recursive call of clip_push() (bsc#1012628). - atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1012628). - net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info (bsc#1012628). - net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1012628). - rxrpc: Fix bug due to prealloc collision (bsc#1012628). - crypto: s390/sha - Fix uninitialized variable in SHA-1 and SHA-2 (bsc#1012628). - rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1012628). - ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1012628). - x86/mce/amd: Add default names for MCA banks and blocks (bsc#1012628). - x86/mce/amd: Fix threshold limit reset (bsc#1012628). - x86/mce: Don't remove sysfs if thresholding sysfs init fails (bsc#1012628). - x86/mce: Ensure user polling settings are honored when restarting timer (bsc#1012628). - x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (bsc#1012628). ... changelog too long, skipping 245 lines ... - commit c5fb175 ==== libapparmor ==== - add xkeyboard.diff to allow reading /usr/share/xkeyboard-config-2/ via abstractions/X (boo#1246743) - add kerberosclient-usrmerge.diff to allow reading /usr/etc/krb5.conf (boo#1246689) ==== libbpf ==== Version update (1.5.1 -> 1.6.1) - update to 1.6.0: * add more control over BPF object lifetime with new preparation step (bpf_object__prepare() API) * libbpf will report symbolic error code (e.g., "-EINVAL") in addition to human-readable error description * bpf_prog_stream_read() API * BPF token support when attaching BPF trampoline-based BPF programs in bpf_program__set_attach_target() * BPF token support for BPF_BTF_GET_FD_BY_ID command * support multi-uprobe session (SEC("uprobe.session")) BPF programs * support unique_match option for multi-kprobe attachment * support creating and destroying qdisk with BPF_TC_QDISC flag; * bpf_program__attach_cgroup_opts() which enables more precise cgroup-based attachment ordering * automatically take advantage of memory-mappable kernel BTF (/sys/kernel/btf/vmlinux), if supported * emit_strings option for BTF dumper API, improving string-like data printing * add BPF program's func and line info accessors * BPF linker supports linking ELF object files coming from memory buffer and referenced by FD, in addition to file path-based APIs; * small improvements to BTF dedup to handle rare quirky corner cases produces by some compilers * add likely() and unlikely() convenience macros; * __arg_untrusted annotation for BPF global subprog arguments; * bpf_stream_printk() macro for working with BPF streams; * bpf_usdt_arg_size() API - update to 1.6.0: * fixing a possible crash when handling BPF arena global variable relocations - drop 0001-libbpf-Add-identical-pointer-detection-to-btf_dedup_.patch, which is now included ==== libcddb ==== - Tighten %files, don't glob so much. - Work with newer gettext-runtime. In gettext 0.24.1 the m4 files moved from /usr/share/aclocal/ to /usr/share/gettext/m4 ==== libopenmpt ==== Version update (0.8.1 -> 0.8.2) - Update to 0.8.2: * [Sec] Possible out-of-bounds sample data read in a specific combination of reverse sample playback + offset past sample loop. (r23711). * [Bug] Fixed pre-C++20 undefined behaviour due to left-shifting negative integer values. * Since libopenmpt 0.8.0, swapping between samples on the rear channels could introduce a click on the front channels. * IT: Volume column slides no longer propagate their effect memory to the regular effect column volume slides. * FC: Allow files with a sequence size of 0 to load (fixes a broken copy of cult.smod). ==== libreoffice ==== Version update (25.2.4.3 -> 25.2.5.2) Subpackages: libreoffice-calc libreoffice-draw libreoffice-filters-optional libreoffice-gnome libreoffice-gtk3 libreoffice-icon-themes libreoffice-impress libreoffice-l10n-cs libreoffice-l10n-da libreoffice-l10n-de libreoffice-l10n-el libreoffice-l10n-en libreoffice-l10n-en_GB libreoffice-l10n-es libreoffice-l10n-fr libreoffice-l10n-hu libreoffice-l10n-it libreoffice-l10n-ja libreoffice-l10n-pl libreoffice-l10n-pt_BR libreoffice-l10n-ru libreoffice-l10n-zh_CN libreoffice-l10n-zh_TW libreoffice-mailmerge libreoffice-math libreoffice-pyuno libreoffice-qt5 libreoffice-qt6 libreoffice-writer libreofficekit - Update to 25.2.5.2: * Release notes: https://wiki.documentfoundation.org/Releases/25.2.5/RC1 https://wiki.documentfoundation.org/Releases/25.2.5/RC2 - Remove patch, no longer required: * fix_build_with_poppler_25.05.patch ==== libstorage-ng ==== Version update (4.5.263 -> 4.5.264) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#1029 - fixed sysfs name and path for numeric named MD RAIDs (bsc#1246331) - coding style - 4.5.264 ==== libxml2 ==== Subpackages: libxml2-2 libxml2-tools - security update - added patches CVE-2025-7425 [bsc#1246296], Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr + libxml2-CVE-2025-7425.patch ==== libxslt ==== Subpackages: libexslt0 libxslt-tools libxslt1 - security update - added patches CVE-2025-7424 [bsc#1246360], Type confusion in xmlNode.psvi between stylesheet and source nodes + libxslt-CVE-2025-7424.patch ==== libyui ==== Version update (4.7.5 -> 4.7.6) - Allow building with CMake 4.0 * Bump cmake_minumum_required to 3.10, which matches what most other modules in libyui use (3.5 is the minimum required to be supportable by CMake 4.0( * Remove CMP0046, as CMake 4.0 no longer supports it. The OLD mode in any case was a workaround for 'badly written CMakeLists.txt', as it just instructed cmake to ignore non-existing dependenices listed in add_dependencies. This package does not rely on non-existing dependencies and builds perfectly without this policy. - 4.7.6 ==== libyui-ncurses ==== Version update (4.7.5 -> 4.7.6) - Allow building with CMake 4.0 * Bump cmake_minumum_required to 3.10, which matches what most other modules in libyui use (3.5 is the minimum required to be supportable by CMake 4.0( * Remove CMP0046, as CMake 4.0 no longer supports it. The OLD mode in any case was a workaround for 'badly written CMakeLists.txt', as it just instructed cmake to ignore non-existing dependenices listed in add_dependencies. This package does not rely on non-existing dependencies and builds perfectly without this policy. - 4.7.6 ==== libyui-ncurses-pkg ==== Version update (4.7.5 -> 4.7.6) - Allow building with CMake 4.0 * Bump cmake_minumum_required to 3.10, which matches what most other modules in libyui use (3.5 is the minimum required to be supportable by CMake 4.0( * Remove CMP0046, as CMake 4.0 no longer supports it. The OLD mode in any case was a workaround for 'badly written CMakeLists.txt', as it just instructed cmake to ignore non-existing dependenices listed in add_dependencies. This package does not rely on non-existing dependencies and builds perfectly without this policy. - 4.7.6 ==== libyui-qt ==== Version update (4.7.5 -> 4.7.6) - Allow building with CMake 4.0 * Bump cmake_minumum_required to 3.10, which matches what most other modules in libyui use (3.5 is the minimum required to be supportable by CMake 4.0( * Remove CMP0046, as CMake 4.0 no longer supports it. The OLD mode in any case was a workaround for 'badly written CMakeLists.txt', as it just instructed cmake to ignore non-existing dependenices listed in add_dependencies. This package does not rely on non-existing dependencies and builds perfectly without this policy. - 4.7.6 ==== libyui-qt-graph ==== Version update (4.7.5 -> 4.7.6) - Allow building with CMake 4.0 * Bump cmake_minumum_required to 3.10, which matches what most other modules in libyui use (3.5 is the minimum required to be supportable by CMake 4.0( * Remove CMP0046, as CMake 4.0 no longer supports it. The OLD mode in any case was a workaround for 'badly written CMakeLists.txt', as it just instructed cmake to ignore non-existing dependenices listed in add_dependencies. This package does not rely on non-existing dependencies and builds perfectly without this policy. - 4.7.6 ==== libyui-qt-pkg ==== Version update (4.7.5 -> 4.7.6) - Allow building with CMake 4.0 * Bump cmake_minumum_required to 3.10, which matches what most other modules in libyui use (3.5 is the minimum required to be supportable by CMake 4.0( * Remove CMP0046, as CMake 4.0 no longer supports it. The OLD mode in any case was a workaround for 'badly written CMakeLists.txt', as it just instructed cmake to ignore non-existing dependenices listed in add_dependencies. This package does not rely on non-existing dependencies and builds perfectly without this policy. - 4.7.6 ==== libyuv ==== - Add fix-narrowing-conversion-initializer-errors-on-LoongArch64.patch Fix C++11 narrowing conversion errors when initializing __m128i constants with unsigned long long literals on LoongArch64 builds. ==== libzypp ==== Version update (17.37.11 -> 17.37.12) - Allow explicit request to probe an added repo's URL (bsc#1246466) - Fix tests with -DISABLE_MEDIABACKEND_TESTS=1 (fixes #661) - version 17.37.12 (35) ==== ncurses ==== Version update (6.5.20250712 -> 6.5.20250720) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20250720 + further improve readability of header-files + add a consistency-check for termio(s)/tty headers, to help with cross-compiles (report by Stas Sergeev). + remove some unused configure-macros + add xterm+keypad to pccon+base -TD + trim trailing blanks from a few files (report by Stas Sergeev). ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0 - Update to version 2.1.11.suse+73.1723affc61eb: * README for rpm build directory * Fix issue with IPv6 adapter interfaces (#508, bsc#1240969) * fwparam_ppc.c: Fix the calloc-transposed-args issue (#504) * Makefile: fix "No rule to make target 'iscsiuio/Makefile.in" issue (#506) * Fix typo in initiator.c (#507) - Fixed some issues in this changes file * One date had incorrect format from 2014 * Two separator lines were formatted incrrectly ==== openSUSE-release ==== Version update (20250718 -> 20250722) Subpackages: openSUSE-release-appliance-custom openSUSE-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== orca ==== Subpackages: orca-lang - Add orca-large-set-oom.patch: fix possible out-of-memory when presenting gtk 4 list items (glgo#GNOME/orca#560). ==== pciutils ==== Version update (3.13.0 -> 3.14.0) Subpackages: libpci3 - Update to 3.14.0: * New capabilities are decoded: VirtIO SharedMemory, Physical Layer 16 to 64 GT/s, Flit Mode, Device 3, Intel vendor- specific. * got definitions of new classes and capabilities from PCI Code and ID Assignment rev 1.18 * can be included from C++ programs * Updated pci.ids ==== perl-libwww-perl ==== Version update (6.780.0 -> 6.790.0) - updated to 6.790.0 (6.79) see /usr/share/doc/packages/perl-libwww-perl/Changes 6.79 2025-06-27 22:43:32Z - Remove example references to malicious domain (GH#476) (Devin Dooley) - Documentation updates for mirror (GH#470) (Julien Fiegehenn) - Allow underscores in headers not to be removed in lwp-request (GH#443) (@JohnHughesAtlantech and Olaf Alders) ==== python-Automat ==== Version update (24.8.1 -> 25.4.16) - update to 25.4.16: * documentation update * allow python 3.13 ==== python-anyio ==== Version update (4.8.0 -> 4.9.0) - Inject multibuild to break a build loop. - Update to 4.9.0: * Added async support for temporary file handling (#344; PR by @11kkw) * Added 4 new fixtures for the AnyIO pytest plugin: * free_tcp_port_factory: session scoped fixture returning a callable that generates unused TCP port numbers * free_udp_port_factory: session scoped fixture returning a callable that generates unused UDP port numbers * free_tcp_port: function scoped fixture that invokes the free_tcp_port_factory fixture to generate a free TCP port number * free_udp_port: function scoped fixture that invokes the free_udp_port_factory fixture to generate a free UDP port number * Added stdin argument to anyio.run_process() akin to what anyio.open_process(), asyncio.create_subprocess(), trio.run_process(), and subprocess.run() already accept (PR by @jmehnle) * Added the info property to anyio.Path on Python 3.14 * Changed anyio.getaddrinfo() to ignore (invalid) IPv6 name resolution results when IPv6 support is disabled in Python * Changed EndOfStream raised from MemoryObjectReceiveStream.receive() to leave out the AttributeError from the exception chain which was merely an implementation detail and caused some confusion * Fixed traceback formatting growing quadratically with level of TaskGroup nesting on asyncio due to exception chaining when raising ExceptionGroups in TaskGroup.__aexit__ (#863; PR by @tapetersen) * Fixed anyio.Path.iterdir() making a blocking call in Python 3.13 (#873; PR by @cbornet and @agronholm) * Fixed connect_tcp() producing cyclic references in tracebacks when raising exceptions (#809; PR by @graingert) * Fixed anyio.to_thread.run_sync() needlessly holding on to references of the context, function, arguments and others until the next work item on asyncio (PR by @Wankupi) ==== python-kiwi ==== Version update (10.2.27 -> 10.2.28) - Bump version: 10.2.27 → 10.2.28 - Fix dracut code to be POSIX compliant The redirect type "< <(...)" is not POSIX complians and leads to a syntax error in dracut which calls bash as "sh" leading it to be restricted to POSIX only - Extend test-image-lvm integration test For testing a bit more complex resize procedure, update the lvm integration test to run more resize actions with required device locking - Apply proper udev locking Several commands during repart, resize and other actions require a proper lock to be set for udev such that other events knows about the locked state of a device and do not mess with it until the command for which the lock persists has completed. This commit applies proper udev locks to all commands that requires it. In addition incorrect code that was expected to prevent such race conditions got dropped from the implementation. This is related to bsc#1242987 - relocate GPT at the end of disk using sfdisk Using sfdisk for relocation and verification makes this part more consistent. We also want to move away from gdisk. This is related to #2851 - Do not strictly require config.partids in repart The kiwi-repart implementation requires a metadata file named config.partids which holds information about partition ids and more stored at the time the image was built. Depending on the complexity of the image and the resize request some of the information can be rebuilt in case the metadata file is missing. This commit adds the rebuild of the minimum required information to run a standard resize and therefore allows the kiwi-repart dracut module to work also without config.partids to be present in the system - Do not drop /config.partids The partition id metadata file is used in the kiwi-repart module. If a user wants to use the kiwi repart module permanently, this metadata file needs to stay in the system. Therefore it should not be automatically deleted by the cleanup. A disk.sh hook script can be used to force the deletion of the file though. This is related #2851 - Fix centos/test-image-live-disk-v10 There is no package named iprutils - Fix centos/test-image-live-disk-v10 Update package names - Added centos/test-image-live-disk-v10 build test - Fix tumbleweed/test-image-gce integration test Drop obsolete growpart - Followup fix to support older apt versions for bootstrap There are apt versions that do not create missing state files. Make sure the intermediate bootstrap state file is created in any case. This Fixes #2857 - Fixed integration test builds Next round of fixes for integration tests. Missing or wrong service activations - Fix arm/tumbleweed/test-image-rpi Fix snapper setup for this integration test - Fixed test-image-live-disk Added missing openssh-server package - Fixed test-image-azure Add missing python-azure-agent-config-default package - Fixed debian integration test builds secure shell service is named ssh and not sshd there - Fixed integration test builds Second round of fixes for integration tests. Again errors now became visible due to the refactoring of the script code - Fixed integration test builds Errors from scripts were no longer ignored due to the last cleanup of the integration test script code. This commit fixes the now exposed build errors - Fix check_target_dir_on_unsupported_filesystem Find the first existing path in the target path and check the filesystem capabilities for this path. This Fixes #2858 - Cleanup integration tests config.sh script code Add script code to shellcheck and fix all reported issues. Get rid of suseXX and baseXX methods as much as possible. Add set -ex for all script code. Do not allow any script code to fail. - defaults: Add patterns for shim/grub2 on riscv64 A recent commit changed the way these are looked up and accidentally broke image building on riscv64, with KiwiBootLoaderGrubSecureBootError: Signed grub2 efi loader not found now being raised for kiwi recipes that worked just fine before that moment. Fixes: 197572378cf4f25103934beac2ceca4fbbcfcbc0 Thanks: David Abdurachmanov Thanks: Marcus Schäfer Signed-off-by: Andrea Bolognani - Add SLFO test-image-disk-simple integration test Add simple disk test and allow for testing the new transparent container idea for the aws toolchain. also add SLFO builds to the helper script ==== python-typing_extensions ==== Version update (4.14.0 -> 4.14.1) - update to 4.14.1: * Fix usage of `typing_extensions.TypedDict` nested inside other types (e.g., `typing.Type[typing_extensions.TypedDict]`). This is not allowed by the type system but worked on older versions, so we maintain support. ==== python311 ==== Subpackages: python311-curses python311-dbm python311-x86-64-v3 - Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705). - Use one core to build doc. This will make sphinx doc build reproducible. bsc#1243155 ==== python311-core ==== Subpackages: libpython3_11-1_0 libpython3_11-1_0-x86-64-v3 python311-base python311-base-x86-64-v3 - Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705). - Use one core to build doc. This will make sphinx doc build reproducible. bsc#1243155 ==== python313 ==== Subpackages: python313-curses python313-dbm python313-tk python313-x86-64-v3 - Fix gil/nogil package description, bsc#1246229 - Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705). - Add bsc1243155-sphinx-non-determinism.patch (bsc#1243155) to generate ids for audit_events using docname (reproducible builds). - Use one core to build doc. This will make sphinx doc build reproducible. bsc#1243155 ==== python313-core ==== Subpackages: libpython3_13-1_0 libpython3_13-1_0-x86-64-v3 python313-base python313-base-x86-64-v3 - Fix gil/nogil package description, bsc#1246229 - Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705). - Add bsc1243155-sphinx-non-determinism.patch (bsc#1243155) to generate ids for audit_events using docname (reproducible builds). - Use one core to build doc. This will make sphinx doc build reproducible. bsc#1243155 ==== qgpgme ==== Version update (1.24.3 -> 2.0.0) - Add requirements to gpgmepp to -devel packages to avoid breaking plasma-pass, and correctness - disable 32-bit libraries for Qt6 flavor - enable Qt5 for Kf5 kwallet boo#1244605 - initial version, upstream split the language bindings from 2.0.0 ==== sdbootutil ==== Version update (1+git20250716.b03c12f -> 1+git20250718.9f557f7) Subpackages: sdbootutil-dracut-measure-pcr sdbootutil-snapper - Update to version 1+git20250718.9f557f7: * MicroOS mounts encrypted /var in initrd ==== sqlite3 ==== Version update (3.50.2 -> 3.50.3) Subpackages: libsqlite3-0 libsqlite3-0-x86-64-v3 sqlite3-tcl - Update to version 3.50.3: * Fix a possible memory error that can occur if a query is made against against FTS5 index that has been deliberately corrupted in a very specific way. * Fix the parser so that it ignored SQL comments in all places of a CREATE TRIGGER statement. This resolves a problem that was introduced by the introduction of the SQLITE_DBCONFIG_ENABLE_COMMENTS feature in version 3.49.0. * Fix an incorrect answer due to over-optimization of an AND operator. ==== sshfs ==== - Don't globstar files in shared directory _bindir. - build the man page ==== tbb ==== Version update (2022.1.0 -> 2022.2.0) - Drop excessive gcc flags: add cf-prot.patch. - Update to version 2022.2.0: * Improved Hybrid CPU and NUMA Platforms API Support: Enhanced API availability for better compatibility with Hybrid CPU and NUMA platforms. * Refined Environment Setup: Replaced CPATH with C_INCLUDE_PATH and CPLUS_INCLUDE_PATH in environment setup to avoid unintended compiler warnings caused by globally applied include paths. ==== update-bootloader ==== Version update (1.24 -> 1.25) - merge gh#openSUSE/perl-bootloader#191 - avoid spurious warning messages when parsing /etc/default/grub (bsc#1246373, bsc#1245323) - 1.25 ==== vulkan-loader ==== Version update (1.4.313 -> 1.4.321) - Update to tag SDK-1.4.321.0 * Simplify portability enumeration variables. * Only call surface creation functions on supported drivers. * Add vkGetPhysicalDeviceSurfaceSupportKHR test when ICD does not support the surface extension. ==== vulkan-tools ==== Version update (1.4.313 -> 1.4.321) - Update to tag SDK-1.4.321.0 * cube: prefer Wayland over X11 when available ==== xkeyboard-config ==== Subpackages: xkeyboard-config-lang - make %pretrans lua script more robust to avoid endless loops during package installation (boo#1246768) ==== yast2 ==== Version update (5.0.14 -> 5.0.15) Subpackages: yast2-logs - Do not try installing packages into the inst-sys during installation (bsc#1240867) - 5.0.15 ==== yast2-packager ==== Version update (5.0.6 -> 5.0.8) - Fix Internal Error: Encoding::CompatibilityError when adding SLE-HA as add-on product (bsc#1245555) - 5.0.8 - Prevent a crash if a repo doesn't have a baseurl, but possibly a mirrorlist instead (bsc#1244040) - 5.0.7 ==== yast2-trans ==== Version update (84.87.20250710.2e450abe00 -> 84.87.20250721.46ecd273d2) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20250721.46ecd273d2: * Translated using Weblate (Georgian) * Translated using Weblate (Ukrainian) * Update translation files * New POT for text domain 'base'. * Update translation files * New POT for text domain 'control'. ==== zypper ==== Version update (1.14.92 -> 1.14.93) Subpackages: zypper-log zypper-needs-restarting - Fix addrepo to handle explicit --check and --no-check requests (bsc#1246466) - Accept "show" as alias for "info" (bsc#1245985) - version 1.14.93